China postpones portion of cybersecurity law

BEIJING (AP) — China has postponed enforcement of part of a cybersecurity law that companies warn violates Beijing’s free-trade pledges but says most of it will take effect Thursday as planned.

Communist authorities say the measures are needed to prevent crime and terrorism and to protect privacy. Companies and foreign governments complain the law will hamper market access and is being rushed into force before Beijing has told companies how to comply.

“This certainly will be a huge impact,” said Michael Chang, a vice president of the European Union Chamber of Commerce in China.

“The situation is still a lot of uncertainty and unclarified terms,” Chang said. “We still see a lack of tangible rules for business to follow.”

The latest version of measures sent to companies on regulation of cross-border movement of data says they take effect Thursday but enforcement is postponed for 18 months to Dec. 31, 2018.

It gave no explanation for the postponement. But it followed appeals by a coalition of dozens of global business groups for a delay until the rules could be made consistent with World Trade Organization regulations.

Other measures including how to define important data and security standards for computer equipment take effect Thursday, according to the Cyberspace Administration of China, the agency responsible for enforcing them.

The law will “protect the broad masses of people and effectively safeguard national cyberspace sovereignty and security,” the agency said Wednesday on its website.

A measure on how to define important data takes effect Thursday, five days after it was released Saturday for a 30-day comment period.

Beijing has issued a series of measures over the past decade to tighten control over data, minimize reliance on foreign security technology and promote China’s fledgling providers. Business groups and China’s trading partners complain that violates its market-opening pledges.

President Xi Jinping’s government has cast itself as a public defender of global free trade in response to U.S. President Donald Trump’s promises to limit imports. But business groups say Beijing appears to be trying to squeeze foreign competitors out of promising fields including agriculture-related biotechnology, health products and data security.

In a report Thursday, the European Union Chamber said 30 percent of information technology and telecoms companies that responded to a survey believed they were discriminated against under national security-related legislation. The American Chamber of Commerce in China said in April a survey found only 10 percent of companies in technology-intensive industries were optimistic about their regulatory environment.

That has fueled trade strains with the United States and Europe at a time of anemic global economic growth.

China’s top economic official, Premier Li Keqiang, is due to meet Friday with European Union leaders in Brussels for talks on political and economic relations amid mounting European frustration about Chinese market barriers.

Chinese leaders have resisted the notion of a borderless internet and free movement of information. Beijing blocks access to foreign websites deemed subversive and Xi has called on other governments to respect “cyber sovereignty,” or the right of countries to restrict online activity.

The Cybersecurity Law would require computer equipment and security systems to pass government tests. Companies would be required to store any data about Chinese citizens within the country.

Business groups warn that would hamper the ability of foreign e-commerce and other companies to compete in China. They say security might be weakened if they are required to shift data storage to China, where security technology might be weaker.

Trade groups also have warned a portion of the Cybersecurity Law requiring technology to be “secure and controllable” might obligate providers to disclose how products work, raising the risk trade secrets might be leaked.

Authorities tried Thursday to defuse complaints about potential business disruption.

“The review will not discriminate against foreign technology,” the Cyberspace Administration said. “On the contrary, the security review will increase consumer confidence in the use of products and expand the enterprise market.”

It said measures on cross-border data flow were not meant to disrupt email, e-commerce or other commercial activity.

“We are willing to cooperate with other countries on this issue so as to jointly promote the flow of data in an orderly and free manner,” the Cyberspace Administration said.

Still, companies are uneasy that they have yet to be given details of how the law will be implemented, said Jake Parker, vice president of China operations for the U.S.-China Business Council.

“It greatly affects business confidence in the China market because companies are unable to faithfully obey the law,” Parker said.